
🐝 Hive Five #27 – Recon master, ransomwhere, and AWS

Hi friends,

Greetings from the hive!

I hope you had a great weekend. It was an amazing one for sports fans - there was the UFC, Copa America and Euro finals.

Make sure to check out NahamSec's interview with Ryan Montgomery (0day) when it drops on YouTube. I saw it live and there definitely was an energy.

Before I forget, let me know if you'll be at DEFCON and want to meet up!

Let's take this week by swarm!

🐝 The Bee's Knees

  1. Interview with base_64 (19 y/o) | ~7000 rep on hackerone | methodology, mindset, life & more...: Here we have someone who started his Bug Bounty journey at the very young age of 16, and now at age 19, he has almost 7000 Rep on HackerOne.

  2. They are all Injection Vulnerabilities! - Security Simplified: What do SQL injections, command injections, and Cross-site scripting have in common? The answer is that they are all injection vulnerabilities.

  3. Getting Partial AWS Account IDs for any Cloudfront Website.

  4. Mass Assignment exploitation in the wild – Escalating privileges in style.

  5. Whose app are you downloading? Link hijacking Binance’s shortlinks through AppsFlyer: While auditing Binance through its public bug bounty program, the researchers noticed that some of the site’s shortlinks were routed through a third-party app analytics platform called AppsFlyer.
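The point of the Security Simplified piece above is that SQL injection, command injection and XSS share one root cause: untrusted data is concatenated into text that a parser then reads as code. The block below is an added illustration written for this issue (not code from that post): the same three sinks, each in its vulnerable string-building form beside its fixed form. `echo` stands in for a real command so the shell case runs harmlessly, and the attacker strings are constructed for the example.

```python
import html
import sqlite3
import subprocess

# Constructed attacker inputs: each is "just data" to the application, but each
# contains a token that the downstream parser (SQL, sh, HTML) treats as code.
EVIL_USER = "alice' OR '1'='1"            # closes the SQL string literal
EVIL_HOST = "example.com; echo pwned"     # ';' ends one shell command, starts another
EVIL_NAME = "<script>alert(1)</script>"   # '<' opens an HTML tag


def setup_db():
    """In-memory table with two users so a successful injection is visible."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "a-secret"), ("bob", "b-secret")])
    return conn


# --- SQL injection -----------------------------------------------------------

def lookup_vulnerable(conn, name):
    # The quote inside `name` terminates the literal; the rest is parsed as SQL.
    query = f"SELECT secret FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def lookup_safe(conn, name):
    # Bound parameter: the engine receives `name` as a value, never as SQL text.
    return conn.execute(
        "SELECT secret FROM users WHERE name = ?", (name,)
    ).fetchall()


# --- Command injection -------------------------------------------------------

def echo_vulnerable(host):
    # shell=True hands the string to /bin/sh, which parses ';' as a separator.
    result = subprocess.run(f"echo {host}", shell=True,
                            capture_output=True, text=True)
    return result.stdout


def echo_safe(host):
    # argv list: `host` is a single argument to echo and no shell ever parses it.
    result = subprocess.run(["echo", host], capture_output=True, text=True)
    return result.stdout


# --- Cross-site scripting ----------------------------------------------------

def greeting_vulnerable(name):
    # Raw interpolation: the browser's HTML parser sees a <script> element.
    return f"<p>Hello {name}</p>"


def greeting_safe(name):
    # Context-appropriate escaping turns '<' into '&lt;' so it stays text.
    return f"<p>Hello {html.escape(name)}</p>"


def demo():
    """Run all three pairs and return the results for inspection."""
    conn = setup_db()
    return {
        "sql_vulnerable": lookup_vulnerable(conn, EVIL_USER),
        "sql_safe": lookup_safe(conn, EVIL_USER),
        "cmd_vulnerable": echo_vulnerable(EVIL_HOST),
        "cmd_safe": echo_safe(EVIL_HOST),
        "html_vulnerable": greeting_vulnerable(EVIL_NAME),
        "html_safe": greeting_safe(EVIL_NAME),
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label}: {value!r}")
```

The fix is the same shape every time: stop building the "code" string by hand and use an interface that keeps data and grammar apart (bound parameters, an argv list, an escaper for the exact output context). Input validation helps, but it is a second line of defence, not the fix.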

🙏🏻 Enjoy This Newsletter?

  • Get $100 to try DigitalOcean. The go-to VPS for bug bounty hunters. I use it for all of my own recon and automation needs, plus it also doubles as a VPN. They have every cloud resource you need at an affordable price.

🔥 Buzzworthy

✅ Changelog

  1. Release DOMPurify 2.3.0: The latest release adds better handling of document creation on Firefox, better handling of version numbers in the license file, and two new browser versions to the test suite config.

  2. Burp Suite roadmap update: July 2021: Here's an update on what they've added to their products so far this year, as well as some exciting new features they're adding to their roadmaps for the 12 months ahead.

📅 Events

  1. SecurityTrails x Amass - recon master contest: Are you the recon master we are looking for? Claim your place on the leaderboard and win awesome prizes.

  2. An update on upcoming Burp Suite training sessions by Nicolas Grégoire: September / French / UTC+2 is sold out; September / English / UTC+2 has 5 seats left; October / English / UTC-4 has 3 seats left; December / English / UTC+1 has 3 seats left too.

  3. Smart contract developer bootcamp: Learn how to write smart contracts in Solidity, and connect them to real-world data in a live, instructor-led group session with Chainlink Developer Advocates.

🎉 Celebrate

  1. Sam Curry: built a small security consultancy called Palisade with a few friends. Awesome!

  2. nemesis: started their role on the Bugcrowd Triage Team. Congrats!

💰 Careers

  1. Cybersecurity Jobs Thread - 7/9/2021 Edition by MARCUS J. CAREY: If you are hiring Cybersecurity folks please post a link to the position here. Please indicate if position can be REMOTE.

  2. The Paranoids are hiring: Work at The Paranoids with Sean and some truly exceptional folks, in a mature and diverse security organization, to support an incredible mission of protecting data for millions of Yahoo users around the world!

  3. Jessica Rose: "Hey UK tech folks! If your boss is going to try and force you back into the office, my DMs are open to try and help match you to new remote roles. Remote tech employers, reply if you’re hiring so folks can come work for you instead? RT to help completely ruin my Inbox?"

  4. Infosec Entry level Interview Questions 101 by Rohit.

  5. Junior Security Engineer at Bugcrowd: The role is to aid the security efforts of Bugcrowd, while proactively making changes to further improve our security posture.

📰 Articles

  1. Inside the FBI, Russia, and Ukraine’s failed cybercrime investigation: Russia and Ukraine promised to cooperate and help catch the world’s most successful hackers.

  2. CVE-2021-28474: SharePoint Remote Code Execution via Server-Side Control Interpretation Conflict: In May of 2021, Microsoft released a patch to correct CVE-2021-28474, a remote code execution bug in supported versions of Microsoft SharePoint Server.

  3. 6 Steps to Securing Bonus Program Invites!: Now that unaccepted program invitations expire after 8 days, you might be wondering what Bugcrowd is doing with all of those unused invites.

  4. Write good examples by starting with real code.

  5. PancakeSwap Logic Error Bug Fix Postmortem: Whitehat Juno submitted a critical vulnerability in PancakeSwap’s lottery contract on April 27.

📚 Resources

  1. Curated feed of top quality original community research & code on system internals, vulndev & RE: Commentary by @alisaesage.

  2. trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools, and more.

  3. AWS Hacking: This guide provides some basic instructions on how to compromise AWS.

  4. How to become extremely successful at Bug Bounties really fast - by Robert Vulpe.

  5. CTF Web Challenges by Orange Tsai: This is the repository of all CTF challenges they made, including the source code, write-up and idea explanation!

🎥 Videos

  1. Writing Secure JavaScript: This talk will go through some sample security flaws unique to JavaScript’s async nature and surrounding ecosystem.

  2. S01E10 - Talking Security with John Hammond - Security Shorts.

  3. Chapter 5 Common Pitfalls - Alice and Bob Learn Application Security: Questions to be answered:

  4. Hacker Heroes no. 4 - real_bitmap (Interview): A sit down with Tom Wyckhuys (@real_bitmap) who is in Intigriti's Top-10 leaderboard of all time.

  5. What is a Browser Security Sandbox?! (Learn to Hack Firefox): It's surprisingly easy to do security research on Firefox trying to find sandbox escapes.

🎵 Audio
